mirror of
https://github.com/catlog22/Claude-Code-Workflow.git
synced 2026-02-05 01:50:27 +08:00
09d99abee6
* feat(security): Secure dashboard server by default ## Solution Summary - Solution-ID: SOL-DSC-002-1 - Issue-ID: DSC-002 ## Tasks Completed - [T1] JWT token manager (24h expiry, persisted secret/token) - [T2] API auth middleware + localhost token endpoint - [T3] Default bind 127.0.0.1, add --host with warning - [T4] Localhost-only CORS with credentials + Vary - [T5] SECURITY.md documentation + README link ## Verification - npm run build - npm test -- ccw/tests/token-manager.test.ts ccw/tests/middleware.test.ts ccw/tests/server-auth.integration.test.ts ccw/tests/server.test.ts ccw/tests/cors.test.ts * fix(security): Prevent command injection in Windows spawn() ## Solution Summary - **Solution-ID**: SOL-DSC-001-1 - **Issue-ID**: DSC-001 - **Risk/Impact/Complexity**: high/high/medium ## Tasks Completed - [T1] Create Windows shell escape utility - [T2] Escape cli-executor spawn() args on Windows - [T3] Add command injection regression tests ## Files Modified - ccw/src/utils/shell-escape.ts - ccw/src/tools/cli-executor.ts - ccw/tests/shell-escape.test.ts - ccw/tests/security/command-injection.test.ts ## Verification - npm run build - npm test -- ccw/tests/shell-escape.test.ts ccw/tests/security/command-injection.test.ts * fix(security): Harden path validation (DSC-005) ## Solution Summary - Solution-ID: SOL-DSC-005-1 - Issue-ID: DSC-005 ## Tasks Completed - T1: Refactor path validation to pre-resolution checking - T2: Implement allowlist-based path validation - T3: Add path validation to API routes - T4: Add path security regression tests ## Files Modified - ccw/src/utils/path-resolver.ts - ccw/src/utils/path-validator.ts - ccw/src/core/routes/graph-routes.ts - ccw/src/core/routes/files-routes.ts - ccw/src/core/routes/skills-routes.ts - ccw/tests/path-resolver.test.ts - ccw/tests/graph-routes.test.ts - ccw/tests/files-routes.test.ts - ccw/tests/skills-routes.test.ts - ccw/tests/security/path-traversal.test.ts ## Verification - npm run build - npm test -- path-resolver.test.ts - npm test -- path-validator.test.ts - npm test -- graph-routes.test.ts - npm test -- files-routes.test.ts - npm test -- skills-routes.test.ts - npm test -- ccw/tests/security/path-traversal.test.ts * fix(security): Prevent credential leakage (DSC-004) ## Solution Summary - Solution-ID: SOL-DSC-004-1 - Issue-ID: DSC-004 ## Tasks Completed - T1: Create credential handling security tests - T2: Add log sanitization tests - T3: Add env var leakage prevention tests - T4: Add secure storage tests ## Files Modified - ccw/src/config/litellm-api-config-manager.ts - ccw/src/core/routes/litellm-api-routes.ts - ccw/tests/security/credential-handling.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/security/credential-handling.test.ts * test(ranking): expand normalize_weights edge case coverage (ISS-1766920108814-0) ## Solution Summary - Solution-ID: SOL-20251228113607 - Issue-ID: ISS-1766920108814-0 ## Tasks Completed - T1: Fix NaN and invalid total handling in normalize_weights - T2: Add unit tests for NaN edge cases in normalize_weights ## Files Modified - codex-lens/tests/test_rrf_fusion.py ## Verification - python -m pytest codex-lens/tests/test_rrf_fusion.py::TestNormalizeBM25Score -v - python -m pytest codex-lens/tests/test_rrf_fusion.py -v -k normalize - python -m pytest codex-lens/tests/test_rrf_fusion.py::TestReciprocalRankFusion::test_weight_normalization codex-lens/tests/test_cli_hybrid_search.py::TestCLIHybridSearch::test_weights_normalization -v * feat(security): Add CSRF protection and tighten CORS (DSC-006) ## Solution Summary - Solution-ID: SOL-DSC-006-1 - Issue-ID: DSC-006 - Risk/Impact/Complexity: high/high/medium ## Tasks Completed - T1: Create CSRF token generation system - T2: Add CSRF token endpoints - T3: Implement CSRF validation middleware - T4: Restrict CORS to trusted origins - T5: Add CSRF security tests ## Files Modified - ccw/src/core/auth/csrf-manager.ts - ccw/src/core/auth/csrf-middleware.ts - ccw/src/core/routes/auth-routes.ts - ccw/src/core/server.ts - ccw/tests/csrf-manager.test.ts - ccw/tests/auth-routes.test.ts - ccw/tests/csrf-middleware.test.ts - ccw/tests/security/csrf.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/csrf-manager.test.ts - node --experimental-strip-types --test ccw/tests/auth-routes.test.ts - node --experimental-strip-types --test ccw/tests/csrf-middleware.test.ts - node --experimental-strip-types --test ccw/tests/cors.test.ts - node --experimental-strip-types --test ccw/tests/security/csrf.test.ts * fix(cli-executor): prevent stale SIGKILL timeouts ## Solution Summary - Solution-ID: SOL-DSC-007-1 - Issue-ID: DSC-007 - Risk/Impact/Complexity: low/low/low ## Tasks Completed - [T1] Store timeout handle in killCurrentCliProcess ## Files Modified - ccw/src/tools/cli-executor.ts - ccw/tests/cli-executor-kill.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/cli-executor-kill.test.ts * fix(cli-executor): enhance merge validation guards ## Solution Summary - Solution-ID: SOL-DSC-008-1 - Issue-ID: DSC-008 - Risk/Impact/Complexity: low/low/low ## Tasks Completed - [T1] Enhance sourceConversations array validation ## Files Modified - ccw/src/tools/cli-executor.ts - ccw/tests/cli-executor-merge-validation.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/cli-executor-merge-validation.test.ts * refactor(core): remove @ts-nocheck from core routes ## Solution Summary - Solution-ID: SOL-DSC-003-1 - Issue-ID: DSC-003 - Queue-ID: QUE-20260106-164500 - Item-ID: S-9 ## Tasks Completed - T1: Create shared RouteContext type definition - T2: Remove @ts-nocheck from small route files - T3: Remove @ts-nocheck from medium route files - T4: Remove @ts-nocheck from large route files - T5: Remove @ts-nocheck from remaining core files ## Files Modified - ccw/src/core/dashboard-generator-patch.ts - ccw/src/core/dashboard-generator.ts - ccw/src/core/routes/ccw-routes.ts - ccw/src/core/routes/claude-routes.ts - ccw/src/core/routes/cli-routes.ts - ccw/src/core/routes/codexlens-routes.ts - ccw/src/core/routes/discovery-routes.ts - ccw/src/core/routes/files-routes.ts - ccw/src/core/routes/graph-routes.ts - ccw/src/core/routes/help-routes.ts - ccw/src/core/routes/hooks-routes.ts - ccw/src/core/routes/issue-routes.ts - ccw/src/core/routes/litellm-api-routes.ts - ccw/src/core/routes/litellm-routes.ts - ccw/src/core/routes/mcp-routes.ts - ccw/src/core/routes/mcp-routes.ts.backup - ccw/src/core/routes/mcp-templates-db.ts - ccw/src/core/routes/nav-status-routes.ts - ccw/src/core/routes/rules-routes.ts - ccw/src/core/routes/session-routes.ts - ccw/src/core/routes/skills-routes.ts - ccw/src/core/routes/status-routes.ts - ccw/src/core/routes/system-routes.ts - ccw/src/core/routes/types.ts - ccw/src/core/server.ts - ccw/src/core/websocket.ts ## Verification - npm run build - npm test * refactor: split cli-executor and codexlens routes into modules ## Solution Summary - Solution-ID: SOL-DSC-012-1 - Issue-ID: DSC-012 - Risk/Impact/Complexity: medium/medium/high ## Tasks Completed - [T1] Extract execution orchestration from cli-executor.ts (Refactor ccw/src/tools) - [T2] Extract route handlers from codexlens-routes.ts (Refactor ccw/src/core/routes) - [T3] Extract prompt concatenation logic from cli-executor (Refactor ccw/src/tools) - [T4] Document refactored module architecture (Docs) ## Files Modified - ccw/src/tools/cli-executor.ts - ccw/src/tools/cli-executor-core.ts - ccw/src/tools/cli-executor-utils.ts - ccw/src/tools/cli-executor-state.ts - ccw/src/tools/cli-prompt-builder.ts - ccw/src/tools/README.md - ccw/src/core/routes/codexlens-routes.ts - ccw/src/core/routes/codexlens/config-handlers.ts - ccw/src/core/routes/codexlens/index-handlers.ts - ccw/src/core/routes/codexlens/semantic-handlers.ts - ccw/src/core/routes/codexlens/watcher-handlers.ts - ccw/src/core/routes/codexlens/utils.ts - ccw/src/core/routes/codexlens/README.md ## Verification - npm run build - npm test * test(issue): Add comprehensive issue command tests ## Solution Summary - **Solution-ID**: SOL-DSC-009-1 - **Issue-ID**: DSC-009 - **Risk/Impact/Complexity**: low/high/medium ## Tasks Completed - [T1] Create issue command test file structure: Create isolated test harness - [T2] Add JSONL read/write operation tests: Verify JSONL correctness and errors - [T3] Add issue lifecycle tests: Verify status transitions and timestamps - [T4] Add solution binding tests: Verify binding flows and error cases - [T5] Add queue formation tests: Verify queue creation, IDs, and DAG behavior - [T6] Add queue execution tests: Verify next/done/retry and status sync ## Files Modified - ccw/src/commands/issue.ts - ccw/tests/issue-command.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/issue-command.test.ts * test(routes): Add integration tests for route modules ## Solution Summary - Solution-ID: SOL-DSC-010-1 - Issue-ID: DSC-010 - Queue-ID: QUE-20260106-164500 ## Tasks Completed - [T1] Add tests for ccw-routes.ts - [T2] Add tests for files-routes.ts - [T3] Add tests for claude-routes.ts (includes Windows path fix for create) - [T4] Add tests for issue-routes.ts - [T5] Add tests for help-routes.ts (avoid hanging watchers) - [T6] Add tests for nav-status-routes.ts - [T7] Add tests for hooks/graph/rules/skills/litellm-api routes ## Files Modified - ccw/src/core/routes/claude-routes.ts - ccw/src/core/routes/help-routes.ts - ccw/tests/integration/ccw-routes.test.ts - ccw/tests/integration/claude-routes.test.ts - ccw/tests/integration/files-routes.test.ts - ccw/tests/integration/issue-routes.test.ts - ccw/tests/integration/help-routes.test.ts - ccw/tests/integration/nav-status-routes.test.ts - ccw/tests/integration/hooks-routes.test.ts - ccw/tests/integration/graph-routes.test.ts - ccw/tests/integration/rules-routes.test.ts - ccw/tests/integration/skills-routes.test.ts - ccw/tests/integration/litellm-api-routes.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/integration/ccw-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/files-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/claude-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/issue-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/help-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/nav-status-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/hooks-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/graph-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/rules-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/skills-routes.test.ts - node --experimental-strip-types --test ccw/tests/integration/litellm-api-routes.test.ts * refactor(core): Switch cache and lite scanning to async fs ## Solution Summary - Solution-ID: SOL-DSC-013-1 - Issue-ID: DSC-013 - Queue-ID: QUE-20260106-164500 ## Tasks Completed - [T1] Convert cache-manager.ts to async file operations - [T2] Convert lite-scanner.ts to async file operations - [T3] Update cache-manager call sites to await async API - [T4] Update lite-scanner call sites to await async API ## Files Modified - ccw/src/core/cache-manager.ts - ccw/src/core/lite-scanner.ts - ccw/src/core/data-aggregator.ts ## Verification - npm run build - npm test * fix(exec): Add timeout protection for execSync ## Solution Summary - Solution-ID: SOL-DSC-014-1 - Issue-ID: DSC-014 - Queue-ID: QUE-20260106-164500 ## Tasks Completed - [T1] Add timeout to execSync calls in python-utils.ts - [T2] Add timeout to execSync calls in detect-changed-modules.ts - [T3] Add timeout to execSync calls in claude-freshness.ts - [T4] Add timeout to execSync calls in issue.ts - [T5] Consolidate execSync timeout constants and audit coverage ## Files Modified - ccw/src/utils/exec-constants.ts - ccw/src/utils/python-utils.ts - ccw/src/tools/detect-changed-modules.ts - ccw/src/core/claude-freshness.ts - ccw/src/commands/issue.ts - ccw/src/tools/smart-search.ts - ccw/src/tools/codex-lens.ts - ccw/src/core/routes/codexlens/config-handlers.ts ## Verification - npm run build - npm test - node --experimental-strip-types --test ccw/tests/issue-command.test.ts * feat(cli): Add progress spinner with elapsed time for long-running operations ## Solution Summary - Solution-ID: SOL-DSC-015-1 - Issue-ID: DSC-015 - Queue-Item: S-15 - Risk/Impact/Complexity: low/medium/low ## Tasks Completed - [T1] Add progress spinner to CLI execution: Update ccw/src/commands/cli.ts ## Files Modified - ccw/src/commands/cli.ts - ccw/tests/cli-command.test.ts ## Verification - node --experimental-strip-types --test ccw/tests/cli-command.test.ts - node --experimental-strip-types --test ccw/tests/cli-executor-kill.test.ts - node --experimental-strip-types --test ccw/tests/cli-executor-merge-validation.test.ts * fix(cli): Move full output hint immediately after truncation notice ## Solution Summary - Solution-ID: SOL-DSC-016-1 - Issue-ID: DSC-016 - Queue-Item: S-16 - Risk/Impact/Complexity: low/high/low ## Tasks Completed - [T1] Relocate output hint after truncation: Update ccw/src/commands/cli.ts ## Files Modified - ccw/src/commands/cli.ts - ccw/tests/cli-command.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/cli-command.test.ts * feat(cli): Add confirmation prompts for destructive operations ## Solution Summary - Solution-ID: SOL-DSC-017-1 - Issue-ID: DSC-017 - Queue-Item: S-17 - Risk/Impact/Complexity: low/high/low ## Tasks Completed - [T1] Add confirmation to storage clean operations: Update ccw/src/commands/cli.ts - [T2] Add confirmation to issue queue delete: Update ccw/src/commands/issue.ts ## Files Modified - ccw/src/commands/cli.ts - ccw/src/commands/issue.ts - ccw/tests/cli-command.test.ts - ccw/tests/issue-command.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/cli-command.test.ts - node --experimental-strip-types --test ccw/tests/issue-command.test.ts * feat(cli): Improve multi-line prompt guidance ## Solution Summary - Solution-ID: SOL-DSC-018-1 - Issue-ID: DSC-018 - Queue-Item: S-18 - Risk/Impact/Complexity: low/medium/low ## Tasks Completed - [T1] Update CLI help to emphasize --file option: Update ccw/src/commands/cli.ts - [T2] Add inline hint for multi-line detection: Update ccw/src/commands/cli.ts ## Files Modified - ccw/src/commands/cli.ts - ccw/tests/cli-command.test.ts ## Verification - npm run build - node --experimental-strip-types --test ccw/tests/cli-command.test.ts --------- Co-authored-by: catlog22 <catlog22@github.com>
310 lines
11 KiB
TypeScript
310 lines
11 KiB
TypeScript
/**
|
|
* Unit tests for path-resolver utility module.
|
|
*
|
|
* Notes:
|
|
* - Targets the runtime implementation shipped in `ccw/dist`.
|
|
* - Uses in-memory stubs for fs + os to avoid touching the real filesystem.
|
|
*/
|
|
|
|
import { after, beforeEach, describe, it } from 'node:test';
|
|
import assert from 'node:assert/strict';
|
|
import path from 'node:path';
|
|
import { createRequire } from 'node:module';
|
|
|
|
const require = createRequire(import.meta.url);
|
|
// Use CJS exports so we can monkeypatch properties before importing the ESM under test.
|
|
// eslint-disable-next-line @typescript-eslint/no-var-requires
|
|
const fs = require('node:fs') as typeof import('node:fs');
|
|
// eslint-disable-next-line @typescript-eslint/no-var-requires
|
|
const os = require('node:os') as typeof import('node:os');
|
|
|
|
const TEST_CCW_HOME = path.join(process.cwd(), '.tmp-ccw-path-resolver-home');
|
|
const ORIGINAL_ENV = { ...process.env };
|
|
process.env.CCW_DATA_DIR = TEST_CCW_HOME;
|
|
|
|
type FsState = {
|
|
existing: Set<string>;
|
|
files: Map<string, string>;
|
|
directories: Set<string>;
|
|
realpaths: Map<string, string>;
|
|
mkdirCalls: Array<{ path: string; options: unknown }>;
|
|
writeCalls: Array<{ path: string; data: string; encoding: string }>;
|
|
};
|
|
|
|
const fsState: FsState = {
|
|
existing: new Set(),
|
|
files: new Map(),
|
|
directories: new Set(),
|
|
realpaths: new Map(),
|
|
mkdirCalls: [],
|
|
writeCalls: [],
|
|
};
|
|
|
|
function key(filePath: string): string {
|
|
return path.resolve(filePath).replace(/\\/g, '/').toLowerCase();
|
|
}
|
|
|
|
function setExists(filePath: string, exists: boolean): void {
|
|
const normalized = key(filePath);
|
|
if (exists) fsState.existing.add(normalized);
|
|
else fsState.existing.delete(normalized);
|
|
}
|
|
|
|
function setDir(filePath: string, isDirectory: boolean): void {
|
|
const normalized = key(filePath);
|
|
if (isDirectory) fsState.directories.add(normalized);
|
|
else fsState.directories.delete(normalized);
|
|
}
|
|
|
|
function setFile(filePath: string, content: string): void {
|
|
const normalized = key(filePath);
|
|
fsState.files.set(normalized, content);
|
|
fsState.existing.add(normalized);
|
|
}
|
|
|
|
function setRealpath(filePath: string, realPath: string): void {
|
|
fsState.realpaths.set(key(filePath), realPath);
|
|
}
|
|
|
|
const originalFs = {
|
|
existsSync: fs.existsSync,
|
|
readFileSync: fs.readFileSync,
|
|
writeFileSync: fs.writeFileSync,
|
|
mkdirSync: fs.mkdirSync,
|
|
realpathSync: fs.realpathSync,
|
|
statSync: fs.statSync,
|
|
};
|
|
const originalHomedir = os.homedir;
|
|
|
|
const TEST_HOME = path.join(process.cwd(), '.tmp-ccw-path-resolver-user-home');
|
|
os.homedir = () => TEST_HOME;
|
|
|
|
fs.existsSync = ((filePath: string) => fsState.existing.has(key(filePath))) as any;
|
|
fs.readFileSync = ((filePath: string, encoding: string) => {
|
|
assert.equal(encoding, 'utf8');
|
|
const value = fsState.files.get(key(filePath));
|
|
if (value === undefined) {
|
|
throw new Error(`ENOENT: no such file or directory, open '${filePath}'`);
|
|
}
|
|
return value;
|
|
}) as any;
|
|
fs.writeFileSync = ((filePath: string, data: string, encoding: string) => {
|
|
fsState.writeCalls.push({ path: filePath, data: String(data), encoding: String(encoding) });
|
|
setFile(filePath, String(data));
|
|
}) as any;
|
|
fs.mkdirSync = ((dirPath: string, options: unknown) => {
|
|
fsState.mkdirCalls.push({ path: dirPath, options });
|
|
setExists(dirPath, true);
|
|
setDir(dirPath, true);
|
|
}) as any;
|
|
fs.realpathSync = ((filePath: string) => {
|
|
const mapped = fsState.realpaths.get(key(filePath));
|
|
return mapped ?? filePath;
|
|
}) as any;
|
|
fs.statSync = ((filePath: string) => {
|
|
return {
|
|
isDirectory: () => fsState.directories.has(key(filePath)),
|
|
} as any;
|
|
}) as any;
|
|
|
|
const pathResolverUrl = new URL('../dist/utils/path-resolver.js', import.meta.url).href;
|
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
let pathResolver: any;
|
|
|
|
beforeEach(() => {
|
|
fsState.existing.clear();
|
|
fsState.files.clear();
|
|
fsState.directories.clear();
|
|
fsState.realpaths.clear();
|
|
fsState.mkdirCalls.length = 0;
|
|
fsState.writeCalls.length = 0;
|
|
});
|
|
|
|
describe('path-resolver utility module', async () => {
|
|
pathResolver = await import(pathResolverUrl);
|
|
|
|
it('resolvePath expands ~ and resolves relative paths', () => {
|
|
const resolvedHome = pathResolver.resolvePath('~/proj');
|
|
assert.equal(resolvedHome, path.join(TEST_HOME, 'proj'));
|
|
|
|
const relativeInput = path.join('some', 'dir');
|
|
assert.equal(pathResolver.resolvePath(relativeInput), path.resolve(relativeInput));
|
|
|
|
assert.equal(pathResolver.resolvePath(''), process.cwd());
|
|
});
|
|
|
|
it('validatePath rejects empty input and control characters', () => {
|
|
assert.deepEqual(pathResolver.validatePath(''), {
|
|
valid: false,
|
|
path: null,
|
|
error: 'Path is required',
|
|
});
|
|
|
|
const res = pathResolver.validatePath('C:\\allowed\\file.txt\0');
|
|
assert.equal(res.valid, false);
|
|
assert.equal(res.path, null);
|
|
assert.equal(res.error, 'Path contains invalid characters');
|
|
});
|
|
|
|
it('validatePath enforces baseDir boundary and detects traversal', () => {
|
|
const baseDir = 'C:\\allowed';
|
|
const traversal = pathResolver.validatePath('C:\\allowed\\..\\secret', { baseDir });
|
|
assert.equal(traversal.valid, false);
|
|
assert.equal(traversal.path, null);
|
|
assert.ok(traversal.error?.includes('Path must be within'));
|
|
|
|
const outside = pathResolver.validatePath('C:\\secret', { baseDir });
|
|
assert.equal(outside.valid, false);
|
|
assert.ok(outside.error?.includes('Path must be within'));
|
|
});
|
|
|
|
it('validatePath validates existence when mustExist is set', () => {
|
|
const missing = pathResolver.validatePath('C:\\does-not-exist', { mustExist: true });
|
|
assert.equal(missing.valid, false);
|
|
assert.equal(missing.path, null);
|
|
assert.ok(missing.error?.includes('Path does not exist:'));
|
|
});
|
|
|
|
it('validatePath resolves symlinks via realpathSync when path exists', () => {
|
|
const baseDir = 'C:\\allowed';
|
|
const linkPath = 'C:\\allowed\\link';
|
|
setExists(linkPath, true);
|
|
setRealpath(linkPath, 'C:\\secret');
|
|
|
|
const res = pathResolver.validatePath(linkPath, { baseDir });
|
|
assert.equal(res.valid, false);
|
|
assert.equal(res.path, null);
|
|
assert.ok(res.error?.includes('Path must be within'));
|
|
});
|
|
|
|
it('validatePath blocks symlink escapes even when target path does not exist', () => {
|
|
const baseDir = 'C:\\allowed';
|
|
const linkPath = 'C:\\allowed\\link';
|
|
setExists(linkPath, true);
|
|
setDir(linkPath, true);
|
|
setRealpath(linkPath, 'C:\\secret');
|
|
|
|
const res = pathResolver.validatePath(path.join(linkPath, 'newfile.txt'), { baseDir });
|
|
assert.equal(res.valid, false);
|
|
assert.equal(res.path, null);
|
|
assert.ok(res.error?.includes('Path must be within'));
|
|
});
|
|
|
|
it('validatePath allows symlinked parent directories that resolve within baseDir', () => {
|
|
const baseDir = 'C:\\allowed';
|
|
const linkPath = 'C:\\allowed\\link';
|
|
setExists(linkPath, true);
|
|
setDir(linkPath, true);
|
|
setRealpath(linkPath, 'C:\\allowed\\real');
|
|
|
|
const res = pathResolver.validatePath(path.join(linkPath, 'newfile.txt'), { baseDir });
|
|
assert.equal(res.valid, true);
|
|
assert.equal(res.path, path.join('C:\\allowed\\real', 'newfile.txt'));
|
|
assert.equal(res.error, null);
|
|
});
|
|
|
|
it('validateOutputPath rejects directories and resolves relative output paths', () => {
|
|
assert.equal(pathResolver.validateOutputPath('').valid, false);
|
|
|
|
const out = pathResolver.validateOutputPath('out.txt', 'C:\\base');
|
|
assert.equal(out.valid, true);
|
|
assert.equal(out.path, path.resolve(path.join('C:\\base', 'out.txt')));
|
|
|
|
const existingDir = path.resolve('C:\\base\\dir-output');
|
|
setExists(existingDir, true);
|
|
setDir(existingDir, true);
|
|
const dirRes = pathResolver.validateOutputPath(existingDir, 'C:\\base');
|
|
assert.equal(dirRes.valid, false);
|
|
assert.equal(dirRes.error, 'Output path is a directory, expected a file');
|
|
});
|
|
|
|
it('getTemplateLocations and findTemplate use known locations', () => {
|
|
const homeTemplates = path.join(TEST_HOME, '.claude', 'templates');
|
|
const cwdTemplates = path.join(process.cwd(), '.claude', 'templates');
|
|
setExists(homeTemplates, true);
|
|
setExists(cwdTemplates, false);
|
|
|
|
const locations = pathResolver.getTemplateLocations();
|
|
assert.deepEqual(locations, [homeTemplates]);
|
|
|
|
const templateName = 'workflow-dashboard.html';
|
|
const templatePath = path.join(homeTemplates, templateName);
|
|
setExists(templatePath, true);
|
|
|
|
assert.equal(pathResolver.findTemplate(templateName), templatePath);
|
|
assert.equal(pathResolver.findTemplate('does-not-exist.html'), null);
|
|
});
|
|
|
|
it('ensureDir creates directory only when missing', () => {
|
|
const dirPath = 'C:\\tmp\\ensureDir';
|
|
pathResolver.ensureDir(dirPath);
|
|
assert.equal(fsState.mkdirCalls.length, 1);
|
|
assert.equal(fsState.mkdirCalls[0]?.path, dirPath);
|
|
|
|
pathResolver.ensureDir(dirPath);
|
|
assert.equal(fsState.mkdirCalls.length, 1);
|
|
});
|
|
|
|
it('normalizePathForDisplay converts backslashes to forward slashes', () => {
|
|
assert.equal(pathResolver.normalizePathForDisplay('C:\\a\\b'), 'C:/a/b');
|
|
});
|
|
|
|
it('getRecentPaths reads legacy file when legacy exists and new does not', () => {
|
|
const legacyFile = path.join(TEST_HOME, '.ccw-recent-paths.json');
|
|
setExists(legacyFile, true);
|
|
setFile(legacyFile, JSON.stringify({ paths: ['C:/one', 'C:/two'] }));
|
|
|
|
const paths = pathResolver.getRecentPaths();
|
|
assert.deepEqual(paths, ['C:/one', 'C:/two']);
|
|
});
|
|
|
|
it('trackRecentPath updates recent list and writes to centralized storage', () => {
|
|
const recentFile = path.join(TEST_CCW_HOME, 'config', 'recent-paths.json');
|
|
setExists(recentFile, true);
|
|
setFile(recentFile, JSON.stringify({ paths: ['C:/old'] }));
|
|
|
|
pathResolver.trackRecentPath('C:\\project\\demo');
|
|
|
|
assert.ok(fsState.writeCalls.length >= 1);
|
|
const latest = fsState.writeCalls.at(-1);
|
|
assert.equal(latest?.path, recentFile);
|
|
|
|
const data = JSON.parse(latest?.data ?? '{}') as { paths?: string[] };
|
|
assert.deepEqual(data.paths?.[0], 'C:/project/demo');
|
|
});
|
|
|
|
it('removeRecentPath removes matching path and persists update', () => {
|
|
const recentFile = path.join(TEST_CCW_HOME, 'config', 'recent-paths.json');
|
|
setExists(recentFile, true);
|
|
setFile(recentFile, JSON.stringify({ paths: ['C:/one', 'C:/two'] }));
|
|
|
|
const removed = pathResolver.removeRecentPath('C:\\two');
|
|
assert.equal(removed, true);
|
|
|
|
const latest = fsState.writeCalls.at(-1);
|
|
const data = JSON.parse(latest?.data ?? '{}') as { paths?: string[] };
|
|
assert.deepEqual(data.paths, ['C:/one']);
|
|
|
|
assert.equal(pathResolver.removeRecentPath('C:\\not-present'), false);
|
|
});
|
|
});
|
|
|
|
after(() => {
|
|
fs.existsSync = originalFs.existsSync;
|
|
fs.readFileSync = originalFs.readFileSync;
|
|
fs.writeFileSync = originalFs.writeFileSync;
|
|
fs.mkdirSync = originalFs.mkdirSync;
|
|
fs.realpathSync = originalFs.realpathSync;
|
|
fs.statSync = originalFs.statSync;
|
|
os.homedir = originalHomedir;
|
|
|
|
for (const key of Object.keys(process.env)) {
|
|
if (!(key in ORIGINAL_ENV)) {
|
|
delete process.env[key];
|
|
}
|
|
}
|
|
for (const [key, value] of Object.entries(ORIGINAL_ENV)) {
|
|
process.env[key] = value;
|
|
}
|
|
});
|